Presentation is loading. Please wait.

Presentation is loading. Please wait.

IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig.

Published byMartina Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig."— Presentation transcript:

1 IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig

2 Documents in IESG Processing JWT (Mike) – http://datatracker.ietf.org/doc/draft-ietf-oauth-json-web-token/

3 Documents in IESG Processing, cont. Assertions (Brian) – http://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/ – http://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bearer/ – http://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/

4 Documents in IESG Processing, cont. Dynamic Client Registration (Justin) – http://datatracker.ietf.org/doc/draft-ietf-oauth-dyn-reg/ – http://datatracker.ietf.org/doc/draft-ietf-oauth-dyn-reg-management

5 IPR Disclosure on OAuth Late IPR disclosure from Nokia on RFC 6749: http://www.ietf.org/mail- archive/web/oauth/current/msg13436.html http://www.ietf.org/mail- archive/web/oauth/current/msg13436.html We asked you to evaluate the disclosure within your company and to give us feedback. No feedback received. No problem?

6 Milestone Check

7 OAuth & Authentication Problem: OAuth is used outside the originally intended usage. Attempts to use OAuth for Web SSO lead to security problems. Our approach: Make readers aware of the problems. Point them to OpenID Connect Draft write-up by Justin, see http://www.ietf.org/mail- archive/web/oauth/current/msg13708.html Plan was to publish it on oauth.net

8 Proof-of-Possession Requirements/Use Cases/Threats/Architecture – http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-architecture/ http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-architecture/ – Status: 4/5 PoP Semantics for JWTs – http://datatracker.ietf.org/doc/draft-ietf-oauth-proof-of-possession/ http://datatracker.ietf.org/doc/draft-ietf-oauth-proof-of-possession/ – Status: 4/5 Authorization Server to Client Key Distribution – http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-key-distribution/ http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-key-distribution/ – Status: 3/5 (see open issue) Signing of HTTP Requests – http://datatracker.ietf.org/doc/draft-ietf-oauth-signed-http-request/ http://datatracker.ietf.org/doc/draft-ietf-oauth-signed-http-request/ – Status: 1/5 (currently strawman proposal) – Token Binding work might be relevant: https://tools.ietf.org/html/draft-popov-token-binding-00https://tools.ietf.org/html/draft-popov-token-binding-00 – Potential to re-use deployed solutions, such as http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html Slow progress; how do we speed up work?

9 Recently added WG Drafts Token Exchange (Mike) http://datatracker.ietf.org/doc/draft-ietf-oauth-token-exchange/ Token Introspection (Justin) http://datatracker.ietf.org/doc/draft-ietf-oauth-introspection/ Request by JWS ver.1.0 for OAuth 2.0 (Nat) http://datatracker.ietf.org/doc/draft-ietf-oauth-jwsreq/ SPOP (Nat) http://datatracker.ietf.org/doc/draft-ietf-oauth-spop/

Download ppt "IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig."

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Oct, 26 th, 2010 OGF 29, FVGA-WG: Firewall Virtualization for Grid Applications Firewall Virtualization for Grid Applications - Status update

Oct, 26 th, 2010 OGF 29, FVGA-WG: Firewall Virtualization for Grid Applications Firewall Virtualization for Grid Applications - Status update
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
IETF 76 – November 8-14 – Hiroshima, Japan RMT LCT draft-rmt-pi-alc-revised-10 Mark Watson.

IETF 76 – November 8-14 – Hiroshima, Japan RMT LCT draft-rmt-pi-alc-revised-10 Mark Watson.
IETF OAuth Proof-of-Possession

IETF OAuth Proof-of-Possession
1 IETF OAuth Proof-of-Possession Hannes Tschofenig.

1 IETF OAuth Proof-of-Possession Hannes Tschofenig.
Hannes Tschofenig, Blaine Cook (IETF#79, Beijing).

Hannes Tschofenig, Blaine Cook (IETF#79, Beijing).
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
OpenID Connect Update and Discussion Mountain View Summit – September 12, 2011 Mike Jones – Microsoft John Bradley – Independent Nat Sakimura – Nomura.

OpenID Connect Update and Discussion Mountain View Summit – September 12, 2011 Mike Jones – Microsoft John Bradley – Independent Nat Sakimura – Nomura.
OAuth/UMA for ACE 24 th March 2015 draft-maler-ace-oauth-uma-00.txt Eve Maler, Erik Wahlström, Samuel Erdtman, Hannes Tschofenig.

OAuth/UMA for ACE 24 th March 2015 draft-maler-ace-oauth-uma-00.txt Eve Maler, Erik Wahlström, Samuel Erdtman, Hannes Tschofenig.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012.

OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012.
Diameter End-to-End Security: Keyed Message Digests, Digital Signatures, and Encryption draft-korhonen-dime-e2e-security-00 Jouni Korhonen, Hannes Tschofenig.

Diameter End-to-End Security: Keyed Message Digests, Digital Signatures, and Encryption draft-korhonen-dime-e2e-security-00 Jouni Korhonen, Hannes Tschofenig.
OAuth Security Hannes Tschofenig Derek Atkins. State-of-the-Art Design Team work late 2012/early 2013 Results documented in Appendix 3 (Requirements)

OAuth Security Hannes Tschofenig Derek Atkins. State-of-the-Art Design Team work late 2012/early 2013 Results documented in Appendix 3 (Requirements)
ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.

ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21, 2014 1.

SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.

Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.
(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.

(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.
DIME WG IETF 79 DIME WG Status & Other Stuff Thursday, November 11, 2010 Jouni Korhonen, Lionel Morand.

DIME WG IETF 79 DIME WG Status & Other Stuff Thursday, November 11, 2010 Jouni Korhonen, Lionel Morand.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.

Similar presentations

Ads by Google